On Debian there is the iptables-persistent package which will do this.
–
bahamatOct 20 '12 at 0:09

3

It's rather bad idea to place it in rc.local since there would be an open window gap between services start and firewall policy apply. I do prefer using pre-uphook for loopback interface in /etc/network/interfaces to overcome this.
–
poigeOct 20 '12 at 11:07

@poige: I agree 100%, rc.local might have the intended effect, but it's a kludge in this situation.
–
TechZillaOct 20 '12 at 14:52

1

@bahamat: Installing that package is the best solution, It deserves it's own answer.
–
TechZillaOct 20 '12 at 14:54

There are two different rule files: /etc/iptables/rules.v4 and /etc/iptables/rules.v6 for IPv4 and IPv6 respectively. If you want a table to apply to both kinds of connections you have to save it to both rule files.
–
PetaspeedBeaverJan 23 '14 at 15:51